Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 2.5%
  • Veröffentlicht 03.07.2018 10:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:26

An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.4. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.

  • EPSS 3.09%
  • Veröffentlicht 03.07.2018 01:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:08

Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible ...

Exploit
  • EPSS 0.64%
  • Veröffentlicht 02.07.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:03

An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be ...

  • EPSS 1.45%
  • Veröffentlicht 02.07.2018 12:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:21

A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().

  • EPSS 0.51%
  • Veröffentlicht 02.07.2018 12:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:18

The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.

  • EPSS 2.48%
  • Veröffentlicht 01.07.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:18

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

  • EPSS 48.72%
  • Veröffentlicht 29.06.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:09

perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing coul...

Exploit
  • EPSS 2.52%
  • Veröffentlicht 29.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:14

An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.

  • EPSS 2.29%
  • Veröffentlicht 29.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:14

An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.

  • EPSS 0.4%
  • Veröffentlicht 28.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:07

In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.